Egroupware contains embedded copies of several php based projects,
including phpldapadmin and phpsysinfo.

Phpldapadmin before 0.9.6c allows remote attackers to gain anonymous
access to the LDAP server, even when disable_anon_bind is set, via an
HTTP request to login.php with the anonymous_bind parameter set.
(CAN-2005-2654)